[metadata]
id = "FIO01-C"
type = "recommendation"
category = "FIO"
number = 1
title = "Be careful using functions that use file names for identification"
description = """
Many file-related security vulnerabilities result from a program accessing an
unintended file object because file names are only loosely bound to underlying
file objects. File names provide no information regarding the nature of the file
object itself. Furthermore, the binding of a file name to a file object is
reasserted every time the file name is used in an operation. File descriptors
andFILEpointers are bound to underlying file objects by the operating system.
(SeeFIO03-C. Do not make assumptions about fopen() and file creation.) Accessing
files via file descriptors orFILEpointers rather than file names provides a
greater degree of certainty as to which object is actually acted upon. It is
recommended that files be accessed through file descriptors orFILEpointers where
possible. The following C functions rely solely on file names for file
identification:
"""
severity = "Medium"
likelihood = "Likely"
priority = "P12"
level = "L1"
cert_version = "2016 Edition (Wiki)"
last_modified = "May 20, 2025"
[rules.cert_c.FIO01-C]
enabled = true
[references]
wiki = "https://wiki.sei.cmu.edu/confluence/display/c/FIO01-C.+Be+careful+using+functions+that+use+file+names+for+identification"
cwe = ["CWE-73", "CWE-367", "CWE-676"]